JP2014518582A - Dllインジェクション機能を持つコンピュータ装置及びdllインジェクション方法 - Google Patents
Dllインジェクション機能を持つコンピュータ装置及びdllインジェクション方法 Download PDFInfo
- Publication number
- JP2014518582A JP2014518582A JP2014508278A JP2014508278A JP2014518582A JP 2014518582 A JP2014518582 A JP 2014518582A JP 2014508278 A JP2014508278 A JP 2014508278A JP 2014508278 A JP2014508278 A JP 2014508278A JP 2014518582 A JP2014518582 A JP 2014518582A
- Authority
- JP
- Japan
- Prior art keywords
- target process
- dll
- target
- injection
- authority
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/445—Program loading or initiating
- G06F9/44521—Dynamic linking or loading; Link editing at or after load time, e.g. Java class loading
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/52—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
- G06F21/53—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
- G06F21/74—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information operating in dual or compartmented mode, i.e. at least one secure mode
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/451—Execution arrangements for user interfaces
Landscapes
- Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- Computer Security & Cryptography (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Computer Hardware Design (AREA)
- Mathematical Physics (AREA)
- Human Computer Interaction (AREA)
- Stored Programmes (AREA)
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020110039901A KR101242127B1 (ko) | 2011-04-28 | 2011-04-28 | Dll 인젝션 기능을 구비한 컴퓨팅 장치 및 dll 인젝션 방법 |
KR10-2011-0039901 | 2011-04-28 | ||
PCT/KR2012/001775 WO2012148080A2 (fr) | 2011-04-28 | 2012-03-12 | Dispositif informatique à fonction d'injection de dll, et procédé d'injection de dll |
Publications (2)
Publication Number | Publication Date |
---|---|
JP2014518582A true JP2014518582A (ja) | 2014-07-31 |
JP2014518582A5 JP2014518582A5 (fr) | 2015-04-23 |
Family
ID=47072842
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
JP2014508278A Pending JP2014518582A (ja) | 2011-04-28 | 2012-03-12 | Dllインジェクション機能を持つコンピュータ装置及びdllインジェクション方法 |
Country Status (5)
Country | Link |
---|---|
US (1) | US8875165B2 (fr) |
EP (1) | EP2704004B1 (fr) |
JP (1) | JP2014518582A (fr) |
KR (1) | KR101242127B1 (fr) |
WO (1) | WO2012148080A2 (fr) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2019079289A (ja) * | 2017-10-25 | 2019-05-23 | システムインテリジェント株式会社 | 情報漏洩防止装置、及び情報漏洩防止プログラム |
JP2021521563A (ja) * | 2018-05-22 | 2021-08-26 | ノートンライフロック インコーポレイテッド | セキュリティポリシーに基づいてアプリケーション起動を制御するためのシステム及び方法 |
Families Citing this family (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109684824B (zh) * | 2014-12-29 | 2021-09-03 | 北京奇虎科技有限公司 | 进程的权限配置方法及装置 |
US10083296B2 (en) * | 2015-06-27 | 2018-09-25 | Mcafee, Llc | Detection of malicious thread suspension |
CN106095482A (zh) * | 2016-05-31 | 2016-11-09 | 宇龙计算机通信科技(深圳)有限公司 | 应用程序的冻结方法及装置 |
US10235161B2 (en) * | 2017-02-06 | 2019-03-19 | American Megatrends, Inc. | Techniques of adding security patches to embedded systems |
KR102146882B1 (ko) | 2018-11-12 | 2020-08-21 | 주식회사 안랩 | 메시지 모니터링 장치 및 방법 |
CN111198723B (zh) * | 2018-11-19 | 2023-03-07 | 深圳市优必选科技有限公司 | 一种进程注入方法、终端设备及计算机可读存储介质 |
KR101958933B1 (ko) * | 2018-12-18 | 2019-03-18 | 주식회사 웨어밸리 | 소켓 인젝션을 통한 데이터베이스 내의 정보 수집 방법 및 장치 |
US11170126B2 (en) | 2019-01-03 | 2021-11-09 | Citrix Systems, Inc. | Policy based notification protection service in workspace |
US11307910B2 (en) * | 2019-06-10 | 2022-04-19 | Citrix Systems, Inc. | Notification tagging for a workspace or application |
CN111338922B (zh) * | 2020-03-02 | 2023-04-11 | 武汉思普崚技术有限公司 | Dll失效的检测方法及装置 |
CN111475229B (zh) * | 2020-04-09 | 2021-01-15 | 广州锦行网络科技有限公司 | 一种Windows平台下的dll注入方法及*** |
US11681520B2 (en) | 2021-04-20 | 2023-06-20 | International Business Machines Corporation | Software upgrading using dynamic link library injection |
Family Cites Families (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6141698A (en) * | 1997-01-29 | 2000-10-31 | Network Commerce Inc. | Method and system for injecting new code into existing application code |
US7039919B1 (en) * | 1998-10-02 | 2006-05-02 | Microsoft Corporation | Tools and techniques for instrumenting interfaces of units of a software program |
US6463583B1 (en) | 1999-04-08 | 2002-10-08 | Novadigm, Inc. | Dynamic injection of execution logic into main dynamic link library function of the original kernel of a windowed operating system |
US8769268B2 (en) * | 2007-07-20 | 2014-07-01 | Check Point Software Technologies, Inc. | System and methods providing secure workspace sessions |
US8578483B2 (en) * | 2008-07-31 | 2013-11-05 | Carnegie Mellon University | Systems and methods for preventing unauthorized modification of an operating system |
JP2011013955A (ja) * | 2009-07-02 | 2011-01-20 | Hitachi Systems & Services Ltd | メディアチェック回避システム |
US20120167057A1 (en) * | 2010-12-22 | 2012-06-28 | Microsoft Corporation | Dynamic instrumentation of software code |
-
2011
- 2011-04-28 KR KR1020110039901A patent/KR101242127B1/ko active IP Right Grant
-
2012
- 2012-03-12 WO PCT/KR2012/001775 patent/WO2012148080A2/fr active Application Filing
- 2012-03-12 US US14/113,249 patent/US8875165B2/en active Active
- 2012-03-12 EP EP12777809.0A patent/EP2704004B1/fr active Active
- 2012-03-12 JP JP2014508278A patent/JP2014518582A/ja active Pending
Non-Patent Citations (11)
Title |
---|
CSNB200100185001; マックルー スチュアート: クラッキング防衛大全 不正アクセス手法の傾向とその対策 第1版, 20030205, pp.131-133, 株式会社翔泳社 SHOEISHA CO.,LTD. * |
CSNB200200348001; リヒター ジェフリ: プログラミング Microsoft Windows 2000 -サービスによるサーバーアプリケーショ 第1版, 20001016, pp.520-523 * |
CSND201100235008; 多田 政美: '一時的セキュア空間作成による情報の二次流出防止' PROVISION 第68巻, 20110209, pp.88-95 * |
CSNG200700917005; 齊藤 正隆: 'API Hookを用いたWindowsプログラムのモビリティ向上ソフトウェアの作成' 電子情報通信学会技術研究報告 Vol.106 No.327 IEICE Technical Report 第106巻/第327号, 20061027, pp.25-30, 社団法人電子情報通信学会 The Institute of Electro * |
JPN6014051148; 齊藤 正隆: 'API Hookを用いたWindowsプログラムのモビリティ向上ソフトウェアの作成' 電子情報通信学会技術研究報告 Vol.106 No.327 IEICE Technical Report 第106巻/第327号, 20061027, pp.25-30, 社団法人電子情報通信学会 The Institute of Electro * |
JPN6014051150; マックルー スチュアート: クラッキング防衛大全 不正アクセス手法の傾向とその対策 第1版, 20030205, pp.131-133, 株式会社翔泳社 SHOEISHA CO.,LTD. * |
JPN6014051152; リヒター ジェフリ: プログラミング Microsoft Windows 2000 -サービスによるサーバーアプリケーショ 第1版, 20001016, pp.520-523 * |
JPN6014051153; 多田 政美: '一時的セキュア空間作成による情報の二次流出防止' PROVISION 第68巻, 20110209, pp.88-95 * |
JPN6014051154; Alex SKALETSKY: 'Dynamic program analysis of Microsoft Windows applications' Proceedings of Performance Analysis of Systems & Software (ISPASS), 2010 IEEE International Symposiu , 20100330, pp.2-12 * |
JPN6015011592; Alex SKALETSKY: 'Dynamic Program Analysis of Microsoft Windows Applications' Proceedings of 2010 IEEE International Symposium on Performance Analysis of System & Software(ISPASS , 20100330, pp.2-12 * |
JPN6015011594; サイツ ジャスティン: リバースエンジニアリング 第1版, 20100524, pp.123-127, 株式会社オライリー・ジャパン オライリー ティム * |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2019079289A (ja) * | 2017-10-25 | 2019-05-23 | システムインテリジェント株式会社 | 情報漏洩防止装置、及び情報漏洩防止プログラム |
JP2021521563A (ja) * | 2018-05-22 | 2021-08-26 | ノートンライフロック インコーポレイテッド | セキュリティポリシーに基づいてアプリケーション起動を制御するためのシステム及び方法 |
JP7060714B2 (ja) | 2018-05-22 | 2022-04-26 | ノートンライフロック インコーポレイテッド | セキュリティポリシーに基づいてアプリケーション起動を制御するためのシステム及び方法 |
Also Published As
Publication number | Publication date |
---|---|
EP2704004B1 (fr) | 2016-02-03 |
EP2704004A2 (fr) | 2014-03-05 |
EP2704004A4 (fr) | 2014-12-17 |
KR20120121973A (ko) | 2012-11-07 |
WO2012148080A2 (fr) | 2012-11-01 |
US20140047461A1 (en) | 2014-02-13 |
WO2012148080A3 (fr) | 2013-01-03 |
KR101242127B1 (ko) | 2013-03-12 |
US8875165B2 (en) | 2014-10-28 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
JP2014518582A (ja) | Dllインジェクション機能を持つコンピュータ装置及びdllインジェクション方法 | |
US10460099B2 (en) | System and method of detecting malicious code in files | |
KR101740224B1 (ko) | 불법 모드 변경처리 | |
US10083294B2 (en) | Systems and methods for detecting return-oriented programming (ROP) exploits | |
CN102799817B (zh) | 用于使用虚拟化技术进行恶意软件保护的***和方法 | |
JP2018041438A5 (fr) | ||
US9111096B2 (en) | System and method for preserving and subsequently restoring emulator state | |
JP2014518582A5 (fr) | ||
US20070113291A1 (en) | Method for administrating the function access | |
JP7228751B2 (ja) | 権限管理のための方法および装置、コンピュータ機器ならびに記憶媒体 | |
JP2014516191A (ja) | 仮想パーティションを監視するためのシステムおよび方法 | |
KR20150063417A (ko) | 데이터 처리장치와, 안전한 도메인 및 덜 안전한 도메인 사이에서 전환될 때 데이터 및 프로그램 코드를 안전하지 않은 액세스로부터 보호하는 방법 | |
US20190286820A1 (en) | Apparatus and method for detecting container rootkit | |
US20180025158A1 (en) | System and method for detecting malware in a stream of bytes | |
WO2016126206A1 (fr) | Procédé de brouillage de code utilisant la programmation orientée sur les retours | |
CN115688092A (zh) | 终端弱管控方法、装置、电子设备及存储介质 | |
KR101207434B1 (ko) | 이종의 디지털 문서 보호 시스템 간의 충돌 방지 시스템 및 방법 | |
CN109388948B (zh) | 一种基于虚拟化技术的潜在恶意软件分析方法及相关装置 | |
EP3293660A1 (fr) | Système et procédé de détection d'un code malveillant dans des fichiers | |
KR101653741B1 (ko) | 실행 프로그램 동작 감시방법, 감시장치 및 이를 위한 컴퓨터 프로그램, 그 기록매체 | |
CN116775147B (zh) | 一种可执行文件处理方法、装置、设备及存储介质 | |
JP7476140B2 (ja) | 情報処理装置、情報処理方法、およびプログラム | |
JP6364847B2 (ja) | 主記憶アクセス制御装置、主記憶アクセス制御システム、主記憶アクセス制御方法、及び、主記憶アクセス制御プログラム | |
CN117688551A (zh) | 启动路径白名单更新方法、装置、电子设备及存储介质 | |
CN117150487A (zh) | 一种动态链接库文件注入检测方法及装置 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
A977 | Report on retrieval |
Free format text: JAPANESE INTERMEDIATE CODE: A971007 Effective date: 20141126 |
|
A131 | Notification of reasons for refusal |
Free format text: JAPANESE INTERMEDIATE CODE: A131 Effective date: 20141202 |
|
A524 | Written submission of copy of amendment under section 19 (pct) |
Free format text: JAPANESE INTERMEDIATE CODE: A524 Effective date: 20150227 |
|
A131 | Notification of reasons for refusal |
Free format text: JAPANESE INTERMEDIATE CODE: A131 Effective date: 20150331 |
|
A02 | Decision of refusal |
Free format text: JAPANESE INTERMEDIATE CODE: A02 Effective date: 20150908 |